(The book tour for The Practice of Cloud System Administration has begun! Book signings planned for NY, NJ, Philly, Austin, Denver, Seattle and The Netherlands. Parties planned for NYC on Sept 17 and at my house in NJ on Sept 20. If you are local, please attend. More info on https://the-cloud-book.com)

A summary of the interesting articles I've found this month.

Mark Burgess on why APIs are bad They aren't idempotent. If you use an API to create an object and crash mid-way through, when you recover from the crash you don't know if the object is in a good state or not. Should you delete it and re-create it? Assume it is good? Who knows? It is like the CAP Principle but worse. APIs also encourage vendor lock-in, which is bad. What should replace APIs? Promise theory. Vendors should provide declarative systems that let people specify what the desired state should be and create that state in an idempotent way. (Note: another "why APIs are bad" article was highlighted in back in May of this year.)

How Microsoft dragged its development practices into the 21st century Probably the best explanation of what "Agile" is that I've seen on the web. The author goes into the right amount of detail to help the reader understand the problems of software development, as they affect the business, and how Agile fixes these problems. This should be required reading for CFOs, CIOs, and VPs of Engineering. By the way... if you aren't sure what DevOps is, the best way to describe it is: Agile applied to system administration.

Elizabeth's Joseph summary of DebConf, with a lot of cool CI stuff Elizabeth's summary highlights many new uses of Continuous Integration that are being employed by the Debian folks. Examples run from better testing to more reliable releases. There are many excellent use-cases here that others should be jealous of. Just kidding, you don't have to be jealous... it is open source! Just set up Jenkins CI and replicate these techniques with your project!

Revisiting How We Put Together Linux Systems Currently Linux distributions are a base image plus many packages. Here's a proposal for building Linux out of overlapping disk images. Sounds crazy, but the people discussing it are in a position to actually do it. The advantages are surprising. If you thought containers were cool, here's a complementary technology idea that would (in combination with containers) fix a lot of problems, including putting an end to "dependency hell."

How the Other Half Works: an Adventure in the Low Status of Software Engineers: What most of us don't realize is that this culture of mandatory "passion" lowers our social status because it encourages us to work unreasonably hard and irrespective of conditions. The fastest way to lose social status is to show acceptance of low social status. From a time-management perspective, the point here is that when you for long hours and weekends for free, it devalues the role of a system administrator.

BlackBox: A system that makes it easy to safely store secrets in Git or Mercurial You shouldn't store secrets like passwords and SSL certs in version control repositories. It isn't secure, and even if you trust the security of your repo, you probably don't (or shouldn't) trust the people that run the server or do backups. Instead you should encrypt those secretes before you put them in the repo. Sadly that's a pain it the butt. ...not any more! I've open sourced a set of shell scripts I wrote that make it easy to do this. I created the system for use with our Puppet repository at Stack Exchange.com, but the scripts work with any Git or Mercurial repository now.

Misc Stuff

The new season of Homeland has started. I've started streaming House Of Cards and Defiance; both are awesome. (Trivia: I went to college with Defiance's creator Kevin Murphy).

Best movie of the summer: Guardians of the Galaxy. (I've seen it in Imax 3D twice already.)

Looking forward to seeing The Giver before it leaves the theater.

I have a new book coming out!

It is called "The Practice of Cloud System Administration" and it ships September 5, 2014. That's less than a week! If you want to be the first to get news and notes about it, click here and tell me your email address.

Non-technical read of the month:

Rat Park (comic) -- In comic form, Stuart McMillen explains a drug experiment that should have stopped The War On Drugs.

I have a new book coming out!

It is called "The Practice of Cloud System Administration" and it will be out in November 2014. If you want to be the first to get news about it, click here and tell me your email address. I promise I barely have time to send one email a month.

This month I learned:

The reason I couldn't find a bash script that did a git rebase but only if it wouldn't cause a mess is because you don't need a script, just the --ff-only flag. You can set an alias so that git p does it:

Please Put OpenSSL Out of Its Misery There was a big call for improving OpenSSL. Poul-Henning Kamp gives a blunt analysis. On a personal note... I think it's a shame OpenBSD's replacement can't be called OpenOpenSSL (literally... the license forbids forks from doing that). Ha ha, only serious.

And non-Heartbleed stuff too...

Better Bash Scripting in 15 Minutes Some excellent tips. I write a LOT of bash scripts and I didn't know many of these. At the end he concludes with a useful list of "signs you should not be using a bash script".

Welcome Shane Madden to StackExchange! I don't usually link to my own writing, but I make an exception for this one. I have a new coworker at StackExchange and here is our blog post about his arrival.

ACMQueue on Reddit.

Thanks for reading this month's "Good Reads". I'll be teaching classes and speaking at LOPSA-East on May 2-3 in New Brunswick, NJ. I got an acceptance email for a talk proposal at VelocityConf NYC on Sept 15-17 (more about that soon). I'll also be speaking at SpiceWorld Austin Sept 23-24. Hope to see you soon!

Why Puppet/Chef/Ansible aren't good enough (and we can do better): This is mostly about the Nix package manager and the new linux distro NixOS which is entirely Nix-based down to the bone. I haven't used it yet, but I had to admit this is what I was trying to achieve back in the 1990s with the simple package management system I made... but I didn't go far enough. These people did. I'm looking forward to trying this out.

http://dec64.com DEC64 is a new (proposed) floating point format. I fear that most people don't understand how floating point numbers are stored on computers so this will be wasted. However I'm fascinated by the implications of this new (proposed) format. Basically 54-bits are used to store an integer and 8 bits are used to store the exponent. So, you know how big numbers are often written "1234E45"? Well, in this format you store "1234" in the 54-bit part and "45" in the 8-bit part. If two numbers have the same exponent the math is just integer math (assuming no overflow).

Multipath TCP: I had misconceptions about this. It turns out this is a system for doing TCP over all your interfaces at the same time. For example, a mobile phone has a Wifi NIC and an LTE "modem". MPTCP let's you open a connection to a web site on Wifi and LTE at the same time, load balancing between the two; transparently switching between them as one has more errors or dropouts, etc. I think this would make my mobile experience so much better that I plan on changing mobile platforms the moment someone supports this. Of course, it has to be supported on the website end also, but I can hope. Evil thought: The IPv6 people should convince kernel developers to only implement this for IPv6 and declare it to the "the killer feature of IPv6". Considering that LTE is IPv6, this isn't too far fetched.

Go Read: One Year with Money and App Engine: When Google Reader was cancelled, Matt made a clone called "Go Read". At the 1 year anniversary here's his look back at his experience building a business and making it profitable. It turns out a key part was optimizing not the code, but his usage of Google App Engine. Interesting quote: "App Engine charges for data stored in its amazing datastore (my favorite feature of App Engine and the only feature I'm aware of that has zero competitors in the cloud space. When you compare to AWS prices, no one mentions the datastore.)"

How We Make Trello: This is a great writeup of how Trello works ... on the inside. It turns out the web client is doing all the smarts in the browser and talks to their API just like the mobile app does. More web apps should be like that. If you aren't using Trello you should check it out. People love it so much that I get fanmail just for recommending it. One of my talks at Cascadia IT 2014 included 3 slides on Trello. The next week I got email that said, "I especially want to thank you for Trello - what a simply elegant app--wish I'd found this sooner--it's a breeze and SO HELPFUL! I've tried other PM tools that I like but that seemed to take too much setup and maintenance time (like Basecamp, etc.). Trello is about as perfect as it gets."

Why Roslyn is a big deal: I'm a total fanboy for reading about compiler internals. If reading about LLVM got you hot and bothered, check out Microsoft's new compiler project. By making the compiler out of re-usable components, it is going to make their IDEs and, heck, their entire tool chain a lot, lot, better. Why aren't the LLVM people applying this kind of thinking to IDEs?